PT-2025-49790 · Linux+3 · Linux Kernel+3

Published 2025-01-01 · Updated 2026-05-07 · CVE-2025-40337

CVSS v2.0: 7.7 (High)

Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The stmmac rx function in the Linux kernel did not properly validate checksum offload errors during packet reception. Specifically, the function would incorrectly mark packets as valid even if the hardware reported checksum failures, potentially allowing corrupt packets to be processed by the network stack. The issue stemmed from ignoring hardware status flags indicating header or payload checksum errors. The patch corrects this by checking the csum none status flag, ensuring that the kernel's network stack performs its own validation when the hardware reports a checksum error.

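The decision described above can be modelled in a few lines. This is an added stand-alone illustration, not the kernel's source or the actual patch; the function names, the `RX_CSUM_NONE` bit value and the sample status words are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of the receive-path checksum decision (not kernel code). */
enum ip_summed { CHECKSUM_NONE = 0, CHECKSUM_UNNECESSARY = 1 };

/* Hypothetical status bit: hardware reported a header/payload checksum error. */
#define RX_CSUM_NONE 0x2u

/* Constructed per-frame status words: three of five frames carry the error bit. */
static const unsigned sample_status[] = { 0, RX_CSUM_NONE, 0, RX_CSUM_NONE, RX_CSUM_NONE };
#define SAMPLE_COUNT ((int)(sizeof(sample_status) / sizeof(sample_status[0])))

/* Before the fix: only the "offload enabled" setting is consulted, so a
 * frame the hardware flagged is still marked as already verified. */
static enum ip_summed rx_csum_before(bool coe_enabled, unsigned status)
{
    (void)status; /* the hardware verdict is ignored */
    return coe_enabled ? CHECKSUM_UNNECESSARY : CHECKSUM_NONE;
}

/* After the fix: the csum-none status forces CHECKSUM_NONE, which makes
 * the network stack verify the checksum itself. */
static enum ip_summed rx_csum_after(bool coe_enabled, unsigned status)
{
    if (!coe_enabled || (status & RX_CSUM_NONE))
        return CHECKSUM_NONE;
    return CHECKSUM_UNNECESSARY;
}

/* Count frames with a hardware-reported error that would skip software checks. */
static int count_trusted_bad(enum ip_summed (*decide)(bool, unsigned),
                             const unsigned *status, int n, bool coe_enabled)
{
    int bad = 0;
    for (int i = 0; i < n; i++)
        if ((status[i] & RX_CSUM_NONE) &&
            decide(coe_enabled, status[i]) == CHECKSUM_UNNECESSARY)
            bad++;
    return bad;
}

int main(void)
{
    printf("before: %d flagged frames trusted\n",
           count_trusted_bad(rx_csum_before, sample_status, SAMPLE_COUNT, true));
    printf("after:  %d flagged frames trusted\n",
           count_trusted_bad(rx_csum_after, sample_status, SAMPLE_COUNT, true));
    return 0;
}
```
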
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Weakness Enumeration

Related Identifiers

BDU:2026-01352
CVE-2025-40337
ECHO-CF52-F6F9-43C7
MGASA-2026-0017
MGASA-2026-0018
OPENSUSE-SU-2026:20145-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:0316-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8165-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Ubuntu